Origin 'http://app.forestadmin.com' has been blocked by CORS policy

Bastien_Blanc · February 22, 2021, 6:57pm

Expected behavior

Access to my project in local to develop the project.
I am doing the migration to the V7

Actual behavior

I have a problem with CORS origin.

Failure Logs

app.use(
    cors({
        origin: process.env.CORS_ORIGINS,
        maxAge: 86400, // NOTICE: 1 day
        credentials: true,
    })
);

My error :

Access to fetch at 'http://localhost:3310/forest' from origin 'http://app.forestadmin.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
GET http://localhost:3310/forest net::ERR_FAILED

Context

Please provide any relevant information about your setup.

Package Version:
node 12.19
Express Version: 4.17.1
Sequelize Version: 5.15.1
Database Dialect: mysql
Forest-express-sequelize: 7.0.0

anon94532230 · February 22, 2021, 9:02pm

Hi @Bastien_Blanc !
You need to follow the Upgrade to v7 - Documentation.
There is a specific part about CORS configuration

Bastien_Blanc · February 23, 2021, 7:31am

Thanks Nicolas,
I missed this part !

Now, I have another problem.

I have this error now, can you help me ?

UnauthorizedError: invalid algorithm

app.use(
    jwt({
        secret: process.env.FOREST_AUTH_SECRET,
        credentialsRequired: false,
        algorithms: ['RS256'],
    })
);

GuillaumeGautreau · February 23, 2021, 8:47am

Hello @Bastien_Blanc,

The algorithm you configured is not correct. You set the value to RS256 and the correct value is HS256.

The first one is an algorithm based on a private and public keys pair.

The second one is based on a secret that is only known by the issuer of the token.

Bastien_Blanc · February 23, 2021, 8:52am

Thanks @GuillaumeGautreau !

I managed the authentication on my development environment, but now I have this error:

[forest] ���  undefined
{}
ForbiddenError: Forbidden
    at _callee$ (...\node_modules\forest-express\dist\middlewares\permissions.js:113:24)
    at tryCatch (...\node_modules\regenerator-runtime\runtime.js:63:40)

Do you have any idea, why I have this ?

GuillaumeGautreau · February 23, 2021, 10:27am

Hello, can you explain when this error occurs? Is it on startup? Is it when you try to access a route?

Bastien_Blanc · February 23, 2021, 1:36pm

Hello,

I have this error when I try to access to the details of an object.

GuillaumeGautreau · February 23, 2021, 1:37pm

Can you check that your collection is allowing to access details of objects?

On which collection do you have the issue?

Topic		Replies	Views
Cors configuration failed Help me!	1	336	June 13, 2022
Upgrading to v7 - CORS issue Help me!	7	758	March 17, 2021
CORS ERROR on localhost Help me! login , cors , locahost	2	349	June 21, 2023
Blocked by CORS locally Help me! setup	2	1295	October 21, 2020
Your admin backend is unreachable. Please check that it is running and respond to http://forest.***.com Help me!	4	1156	June 30, 2020

Origin 'http://app.forestadmin.com' has been blocked by CORS policy

Expected behavior

Actual behavior

Failure Logs

Context

Related topics